COVID Effect: Anatomy of a State Attorney General Health Care Data Guidance

What’s happening? Hacks and ransomware are occurring in greater numbers. COVID created a lot of new healthcare data.

Why is this important? The California Attorney General issued guidance to heath care industry that put the industry on notice that the office is concerned by health care data privacy.

How will this be important? The California Attorney General recommended the following minimum standards :

• keep all operating systems and software housing health data current with the latest security patches;
• install and maintain virus protection software;
• provide regular data security training for staff members that includes education onnot clicking on suspicious web links and guarding against phishing emails;
• restrict users from downloading, installing, and running unapproved software; and
• maintain and regularly test a data backup and recovery plan for all critical information to limit the impact of data or system loss in the event of a data security incident.

California Attorney General | BULLETIN: Obligation to Proactively Reduce Vulnerabilities to Ransomware Attacks and Requirements Regarding Health Data Breach Reporting